Moved my personal changes forward from 5.4.2-B1964 to 5.6.5-B2367. Those of you with programming genes know how to work this file. Not a Git-Geek - did SVN back in the day, worked mostly on 'nix, thus the "diff"

Pitfalls (YES, there is...) If you assign ANY value to "Return.Value" in "Sub OnHELO(oClient)" the server WILL crash. Here, I've said it, be warned!

Hmm... There has been a development... Something works when it really should not

When I initially made this for my 5.4.2 I could not use "Result.Value" and "Result.Message" as the server would crash ...

When I ported my changes to a fresh 5.6.5-B2367 I assumed (I know... Assumption Is The Mother Of All Fuckups!) it would behave the same way but I left the code in there. Well, just played a bit with it - no errors!

I been running it for a while like below (and BAN them accordingly) and all results in ipranges ban entries contain entries from questionable origin, eg: India, Pakistan, Vietnam, China etc. etc.
I have had zero false entries this far

RFC 2821 (SMTP) says:
"In situations in which the SMTP client system does not have a meaningful domain name (e.g., when its address is dynamically allocated and no reverse mapping record is available), the client SHOULD send an address literal"

Can you clarify something: what is the difference between 5.6.6-b2383.7 and beta (5.6.7-b2405.7) ? Because the changelog mods being shown against both seem to be the same (from 5.6.6-B2383.3). What makes them different/what am I not seeing?

Effectively you have brought forward many of the 5.7 fixes ('issues' fixed) into existing 5.6.6 (with your OnHELO addition) for people to use . So people do not have to wait for martin to release 5.7 for these. (Just as well as he seems to be off the boil regarding moving forward with this project, it doesnt seem to be coming forward at any speed - too busy with work etc I presume).

Adding an Autoban is already in the source somewhere, DisableAUTHList is already in the source somewhere, maybe you can work out how to add the autobanning to the DisableAUTHList function?

I doubt with my "skills" this can be accomplished

At the time you posted that topic i agreed this could be useful, but now few months later i have to say it seems unnecessary (at least for me) i hardly see login attempts on port 25 anymore...so it seems the abusers/attackers do learn after a while and simply give up trying

Dravion wrote:What is your plan for this fork in the Future?
Does Martin accept any Pullrequests so this can be merged or backported into the officia release branches on Github?
"If you don't like it, fork it."

I forked it allready in the past. However...
If its not possible collaborating with Martin, it makes no sense for me trying to improve his work and nothing will improve or help the Project. Its fighting against Windmills i think.

For hMailServer i think we can do some extensions and utilities which can be used with hMailServer to. Currently i work with Declan on a Remote API TCP/IP Remote Windows Service. This new Windows Service will add a new TCP/IP Remote Access API Server to hMailServer (for TLS we use LibreSSL). The Remote Access Server for hMailServer can be used to remotely control hMailServer without the need of a Webserver, COM/DCOM and remote clients are not forced running Windows or using a Webbrowser.This Detail is important because Declan wants remotely connect and admistre hMailServer from its own Android Java Smartphone App. So, Java and C/C++ support will be avaiable from the start, but we plan to use LUA as integrated builtin scripting language so non C++ Programmers can remotely script some tasks with LUA which is allmost as easy to learn as VBScript.

In the OnClientLogon(oClient) event, oClient.Username always holds the value passed when authenticating the user, in later events like OnSmtpData, OnAcceptMessage the oClient.Username is empty when authentication has failed (to be compatible with current behavior/scripts)

OnSmtpData, OnAcceptMessage events can also make use of the value oClient.Authenticated (Boolean)

however...
I have thunderbird open all day with some 14 mail accounts connected to my server.

My errors@example.com gets sent automated errors from various systems and scripts etc, and today there is a device that is sending that address an email every five minutes or so.
No big deal, just need to sort this device out

None of MY other accounts get logged
This account is the only account that has new mail
There is only 11 lines, not 14
This repeats every five minutes as the new email to example.com arrives
All accounts are set for IMAP IDLE

None of this is really important, just thought you'd like to know

Every time I send an email, it registers as logging on, and everytime I receive an email I get multiple entries as above.
Someone logging on via POP3 gets logged as expected, all outgoing mail is logged, I guess as expected, just the IMAP accounts when receiving new mail.

Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

I think this behaviour is correct...
If you enable debug logging you'lll notice the IMAP client sends the 'A0002 LOGIN' command when fetching new messages, for example roundcube does this with every IMAP command send to the server

Because I have been using this build I also now have access to Sub OnHELO

This is heaps of fun.
swap 'XXX.XXX.XXX.XXX' for your public IP address

I use the random rejection messages in a few other places in my eventhandlers.vbs now. Thanks for the idea SorenR.
Not that it matters, because I don't think that anyone is listening to my witty auto-replies.

My eventlog says
﻿2588 "2017-10-25 13:21:41.191" "Autoban IP Address started for IP = 203.113.204.51 For 14 Number of days for reason Using My IP as EHLO"
﻿2588 "2017-10-25 13:21:41.300" "Autoban IP range being set for IP Address 203.113.204.51"

The save didn't happen...?

But no Autoban created (I've done it manually now)

If you receive concurrent connections (winthin milliseconds) from the same IP and you try to ban that IP then "i" will never become "true" because "Err.Number" can never become "0" ... The IP was banned from another session during the while...wend loop.

SorenR wrote:
If you receive concurrent connections (winthin milliseconds) from the same IP and you try to ban that IP then "i" will never become "true" because "Err.Number" can never become "0" ... The IP was banned from another session during the while...wend loop.

I think...

So how do we stop this situation? Having the server freeze and require restarting is not very practical (to say the least).

SorenR wrote:
If you receive concurrent connections (winthin milliseconds) from the same IP and you try to ban that IP then "i" will never become "true" because "Err.Number" can never become "0" ... The IP was banned from another session during the while...wend loop.

I think...

So how do we stop this situation? Having the server freeze and require restarting is not very practical (to say the least).

That's why I did the filelocking thingy, to control when what is done. A form of forced preemptive multitasking.

If you assume you are entering the race condition because the .Save fails due to the presence of a duplicate Autoban entry created on a different thread, wouldn't you see that entry in the database when you restart the service?

If the .Save is failing because a duplicate exists, you need to catch the particular error state in your code and exit from the loop.

I'm not sure I even understand why you think you need to retry Saving indefinitely. Why not just try once and log a failure on error?

NO Autoban entry exists for that IP, before or after server restart, so it simply isn't created

I will play again with my script and try and catch better errors I think
When my hMailsevrer stopped last night it wasn't due to this OnHELO sub stopping part way through, so I need to investigate what exactly is happening.

I never had the stop issue on the hMailsevrer official Beta build, only since I moved to RVHD's special build. I may need to move back to the official builds too.

Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

I think you will need to find some usable terminal condition to cause an exit from the loop, because if you get into the loop in a state where the .Save fails, you you will loop endlessly and that is probably what is cause the behavior you are seeing.

While testing some code that i just implemented for GreyWhitelisting, i ran into an interesting find. This issue is consistent and can be replicated on demand:

Using SorenR's regex logic OnHELO I get a proper match from google and successfully call for a Greylist Whitelist addition. But the interesting part is that I seem to get 2 matches and call for an addition for the same IP within milliseconds of each other. This causes an access violation and throws about 30 errors in the log.

Here's what i can confirm:

It's not my executable that is causing the issue, as i am logging the matches from the EventHandler and writing to the event log before the call. See below:

The google ip address that is being added is this. Notice the redundant entries that happen within milliseconds of each other.:
﻿6060 "2017-10-29 10:39:15.920" "Message from: 74.125.82.50 mail-wm0-f50.google.com Added as to Greylist Whitelist do to match in approved list"
﻿6560 "2017-10-29 10:39:16.639" "Message from: 74.125.82.50 mail-wm0-f50.google.com Added as to Greylist Whitelist do to match in approved list"

So here is my first guess to what could cause this behavior without cracking the source open:

Is a .tmp file created before OnHELO? If so, it may be possible that this is causing a redundant check against the host, thus causing duplicate matches and duplicate calls? I still have to debug more, but wanted to post my findings in case someone has seen this behavior with OnHELO already.

insomniac2k2 wrote:While testing some code that i just implemented for GreyWhitelisting, i ran into an interesting find. This issue is consistent and can be replicated on demand:

Using SorenR's regex logic OnHELO I get a proper match from google and successfully call for a Greylist Whitelist addition. But the interesting part is that I seem to get 2 matches and call for an addition for the same IP within milliseconds of each other. This causes an access violation and throws about 30 errors in the log.

Here's what i can confirm:

It's not my executable that is causing the issue, as i am logging the matches from the EventHandler and writing to the event log before the call. See below:

The google ip address that is being added is this. Notice the redundant entries that happen within milliseconds of each other.:
﻿6060 "2017-10-29 10:39:15.920" "Message from: 74.125.82.50 mail-wm0-f50.google.com Added as to Greylist Whitelist do to match in approved list"
﻿6560 "2017-10-29 10:39:16.639" "Message from: 74.125.82.50 mail-wm0-f50.google.com Added as to Greylist Whitelist do to match in approved list"

So here is my first guess to what could cause this behavior without cracking the source open:

Is a .tmp file created before OnHELO? If so, it may be possible that this is causing a redundant check against the host, thus causing duplicate matches and duplicate calls? I still have to debug more, but wanted to post my findings in case someone has seen this behavior with OnHELO already.